Cloud Certification for Government Operations

August 13, 2013

In the cloud services for critical infrastructure is getting more transparent to end users. Jim Reavis, co-founder and executive director of the Cloud Security Alliance (CSA), says that "transparency has always been a significant part of the CSA's vision, and today this objective is more critical than ever." Photo courtesy of the Zalud Report

The Cloud Security Alliance (CSA) announced in late July a number of milestones in its continued efforts to spearhead global transparency for cloud services. Over 30 entries, from major cloud providers, have been made to its Security, Trust and Assurance Registry (STAR). Later this fall, the CSA, along with the BSI (British Standards Institution), will unveil details of the STAR certification effort.

"With over 48,000 individual members, and 70 chapters globally, the CSA has become the global authoritative source for trust in the cloud," contends Dave Cullinane, chairman of the CSA Board of Directors. "As we look to the future, we believe that enabling assurance in a global compute utility is one of the greatest challenges facing the industry, if we want cloud computing to meet its potential. As a result, we continue to focus our efforts on enabling transparency among cloud providers, for the benefit of consumers around the world."

In late 2011, the CSA introduced STAR, a first step in improving transparency and assurance in the cloud. Major cloud players include Amazon Web Services, Box.com, HP, Microsoft, Ping Identity, Red Hat, Skyhigh Networks, Symantec and Terremark, who submitted entries into the registry.

CSA also has published results of its recent survey on government access to information. The survey received almost 500 responses from CSA members around the world. It found that 56 percent of non-U.S. residents were now less likely to use U.S.-based cloud providers, in light of recent revelations about government access to customer information. An overwhelming 90 percent of respondents said that companies which have been subpoenaed through provisions of the U.S. Patriot Act should be able to publish summary information about the amount of responses they have made. Full results of the survey can be found at https://cloudsecurityalliance.org/research/surveys/#_nsa_prism.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 December

This month, Security magazine brings you the 2020 Guarding Report - a look at the ebbs and flows security officers and guarding companies have weathered in 2020, including protests, riots, the election, a pandemic and much more. Industry experts discuss access management and security challenges during COVID-19, GSOC complacency, the cybersecurity gap, end-of-year security career reflections and more!

View More Create Account

Cloud Certification for Government Operations

Related Articles

Related Products

Report Abusive Comment